Vulnerability Description
Code injection in SonicWall SMA100 allows an authenticated user to execute arbitrary code in viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.4 and earlier.
CVSS Score
8.8
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sonicwall | Sma 100 Firmware | <= 9.0.0.4 |
| Sonicwall | Sma 100 | - |
Related Weaknesses (CWE)
References
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0021Vendor Advisory
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0021Vendor Advisory
FAQ
What is CVE-2019-7486?
CVE-2019-7486 is a vulnerability with a CVSS score of 8.8 (HIGH). Code injection in SonicWall SMA100 allows an authenticated user to execute arbitrary code in viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.4 and earlier.
How severe is CVE-2019-7486?
CVE-2019-7486 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-7486?
Check the references section above for vendor advisories and patch information. Affected products include: Sonicwall Sma 100 Firmware, Sonicwall Sma 100.